Threat actor group Handala was observed sending lure emails containing malware to Israeli targets following the CrowdStrike outage. The malware is a wiper that has a single purpose: to destroy files on the machine it runs on. Max Kersten, Mathanraj TK, and Tomer Shloman provide the full run-down of Handala’s previous actions, attack chains, and the inner workings of the wiper in the latest blog. ➡️ https://bit.ly/4d0ri2A
Trellix’s Post
More Relevant Posts
-
Staff Security Researcher at Trellix (Formerly FireEye, Inc.) | Malware Analysis & Reverse Engineering | Threat Detection & Response Expert
New Blog Alert! Check out our latest post, "Handala’s Wiper Targets Israel," by Mathanraj TK, Max Kersten and Tomer Shloman.
The Handala Hacking Team, targeting Israeli entities with a destructive wiper malware designed to obliterate files.
In this blog, we delve into:
- The Handala Hacking Team's background and previous actions
- The attack chain and how it unfolded
- Technical insights into the wiper’s functionality and code reuse
Don’t miss this in-depth analysis of a significant cybersecurity
#CyberSecurity #ThreatIntelligence #MalwareAnalysis #HandalaHackingTeam #CrowdStrike #FalconAgent
-
🚨 New Lab Alert 🚨 Securonix has released an advisory covering a new campaign that may be conducted by the threat actor Kimsuky, also known as APT43. In this lab, learn tactics, techniques, and procedures (TTPs) used by the threat actor group in the delivery, execution, and post-execution actions of its malware, stagers, and remote access trojan (RAT). Check it out today ⬇️ 🔒 https://hubs.ly/Q02t2p9m0
-
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims. Read more at: https://lnkd.in/e7XfX7D6
-
Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk: The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in https://lnkd.in/gyZUPsJE
-
Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in https://lnkd.in/gvhJ83xn
-
Our weekly threat insights roundup is now live! Last week, infostealer malware took center stage as threat actors ramped up their use of these sneaky tools to infiltrate systems. Learn more: https://lnkd.in/dNVvQAFf Stay informed and stay safe!
-
Did you know that malware can assist a cybercriminal in accessing and looting your network? We want to share some of our knowledge with you, so we touch on some of the common things that can lead to a cyberattack. http://ow.ly/iGXc30syK5K
-
Did you know that malware can assist a cybercriminal in accessing and looting your network? We want to share some of our knowledge with you, so we touch on some of the common things that can lead to a cyberattack. http://ow.ly/F9YI30syIcH
-
Uncover the secrets of the Snake info stealer in our latest #HackoftheWeek video. Dive into how this malware operates, its targets, and the global response to combat this digital threat.